Infographic: 6 emerging trends in security

Download this infographic to discover 6 emerging trends in security that cybersecurity pros - and their employers - need to prep for in the next year. These ideas are taken from a keynote by analyst Peter Firstbrook at Gartner Symposium 2018.

I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

Please check the box if you want to proceed.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

The report – based on a survey of more than 1,760 IT and IT security practitioners in the UK, US, Germany and France – also reveals that 51% of employees reuse an average of five passwords across their business and personal accounts.

The research found that data protection practices continue to be poor, even though 63% of respondents said they are more concerned now about the privacy and security of personal data than two years ago.

According to respondents, two-factor authentication (2FA) is still not widely used, for example, with 55% not using it at work and 67% not using it for personal accounts. This is despite the fact that 44% of respondents have experienced a phishing attack at work and 51% in their personal lives, where bad actors have attempted to steal their account credentials.

The survey shows that people are not learning from experience, with 57% of those who had experienced a phishing attack admitting that they had not changed their password behaviour afterwards.

“For decades, passwords have been the primary method of authentication used to protect data and accounts from unauthorised access. However, this multi-country research illustrates the difficulties associated with proper password hygiene,” said Stina Ehrensvard, CEO and founder of authentication firm Yubico.

“With every new password breach that we see, it’s become increasingly clear that new security approaches are needed to help individuals manage and protect their accounts both personally and professionally,” she said.

In addition to exposing the organisations they work for to risk of cyber attacks, the report said the poor security practices of employees are incurring additional unnecessary costs. On average, respondents report spending an average of 12.6 minutes each week, or 10.9 hours a year, entering or resetting passwords. Based on the average company size of almost 15,000 employees in the research, the report said the estimated cost of productivity per organisation averages $5.2m a year.

The cost of passwords

Yubico is a member of the Fido Alliance, a consortium of tech industry partners that are working together to establish standards for strong authentication and eliminate the world’s dependence on password-based security.

According to Fido, the cost of passwords underlies the need for organisations to switch to an alternative method of authentication that will de-risk the process and cut costs.

“Passwords are a huge risk to businesses. The vast majority of breaches are caused by weak and shared credentials, which opens up a huge attack surface for businesses,” according to Andrew Shikiar, chief marketing officer for Fido.

“Passwords also cause friction, with 50% of shopping cart abandonment due to password issues and a large proportion of costly IT support calls within enterprises related to passwords,” he told Computer Weekly.

Sandor Palfy, chief technology officer of identity and access management at remote access profider LogMeIn, said passwords have always played an integral role in data security, and most companies rely on them as their go-to method for authentication.

“But with the average person having over 200 passwords to memorise, many find it too complicated to remember unique credentials for each platform. One employee motivated by convenience and productivity using the same weak password across business and personal platforms is all it takes for a data hack to occur,” he said.

According to Palfy, business leaders should take Data Protection Day as an opportunity to educate employees on the importance of healthy password practices.

“Using a password manager to generate and remember a random string of characters and numbers is a vital step in strengthening account security. As those on the front line, staff should also be given guidance on responding quickly to data hacks. If a business can build a strong defence mechanism combined with trained staff, it will stand a better chance of remaining secure and cyber ready,” he said.

Start the conversation

0 comments

Register

I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

Please check the box if you want to proceed.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.